CISA Adds ScienceLogic SL1 Vulnerability to Exploited Catalog After Active Zero-Day Attack

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a critical security flaw impacting ScienceLogic SL1 to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active exploitation as a zero-day.
The vulnerability in question, tracked as CVE-2024-9537 (CVSS v4 score: 9.3), refers to a bug involving an unspecified third-party component that could

The Hacker News – ​Read More

Russia-Linked Hackers Attack Japan’s Govt, Ports

/in

Russia-linked hackers have taken aim at Japan, following its ramping up of military exercises with regional allies and the increase of its defense budget.

darkreading – ​Read More

Unmanaged Cloud Credentials Pose Risk to Half of Orgs

/in

These types of “long-lived” credentials pose a risk for users across all major cloud service providers, and must meet their very timely ends, researchers say.

darkreading – ​Read More

Meta tests facial recognition for spotting ‘celeb-bait’ ads scams and easier account recovery

/in

Meta is expanding tests of facial recognition as an anti-scam measure to combat celebrity scam ads and more broadly, the Facebook owner announced Monday. Monika Bickert, Meta’s VP of content policy, wrote in a blog post that some of the tests aim to bolster its existing anti-scam measures, such as the automated scans (using machine […]

© 2024 TechCrunch. All rights reserved. For personal use only.

Security News | TechCrunch – ​Read More

Cisco Disables DevHub Access After Security Breach

/in

The networking company confirms that cyberattackers illegally accessed data belonging to some of its customers.

darkreading – ​Read More

Internet Archive Gets Pummeled in Round 2 Breach

/in

This latest breach was through Zendesk, a customer service platform that the organization uses.

darkreading – ​Read More

VMware Struggles to Fix Flaw Exploited at Chinese Hacking Contest

/in

For the second time in as many months, VMware patches a remote code execution vulnerability first exploited at a Chinese hacking contest in June.

The post VMware Struggles to Fix Flaw Exploited at Chinese Hacking Contest appeared first on SecurityWeek.

SecurityWeek – ​Read More

Internet Archive (Archive.org) Hacked for Second Time in a Month

/in

The Internet Archive (Archive.org) suffered a second security breach in October 2024, exposing support tickets through unrotated Zendesk…

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Japanese watchmaker Casio warns of delivery delays after ransomware attack

/in

The company said the October 5 cyberattack has caused “significant delays in the delivery of items requested for repair” and expects systems by the end of November.

The Record from Recorded Future News – ​Read More

ISC2 Security Congress 2024: The Landscape of Nation-State Cyber Attacks

/in

CISA advisor Nicole Perlroth closed out ISC2 Security Congress’ keynotes with a wake-up call for security teams to watch for nation-state-sponsored attacks.

Security | TechRepublic – ​Read More